Security Engineer enhancing security in Java-based enterprise applications at TopQuadrant. Designing and implementing security solutions while maintaining compliance with data protection regulations.
Responsibilities
Design and implement security solutions for Java-based applications
Secure applications, microservices, APIs, and databases against vulnerabilities
Perform static (SAST) and dynamic (DAST) security testing
Perform quarterly Vulnerability Scans and annual Penetration Test
Manage application dependencies and vulnerabilities within established SLAs
Implement and support authentication (OAuth, SAML), authorization (RBAC), and encryption
Integrate security into the CI/CD pipeline to automate security testing and compliance checks
Monitor, analyze, and respond to security incidents and security questionnaires
Manage Drata for security monitoring, compliance automation, and audit readiness
Ensure compliance with data protection regulations (GDPR, CCPA, HIPAA) and security frameworks (ISO 27001, NIST, SOC 2)
Collaborate with development teams to enforce secure coding best practices via code reviews
Work with Spring Security to enforce access controls and secure distributed applications
Maintain and publish TopQuadrant’s Authorized Software List
Stay updated on the latest security vulnerabilities affecting Java and Spring ecosystems
Requirements
Bachelor's degree in Computer Science, Cybersecurity, or a related field
Strong Java development experience, with proficiency in Spring Boot and Spring Security
Experience with secure coding practices (OWASP Top 10, CWE, etc.)
Hands-on experience with security tools such as SonarQube and Snyk
Knowledge of encryption techniques (AES, RSA), authentication protocols (OAuth, OpenID Connect), and API security
Experience with cloud security best practices (AWS, Azure, or GCP)
Certifications such as CISSP, CEH, CSSLP, or AWS Security are a plus
Systems and Data Security Manager at Mod Op overseeing IT security operations and compliance. Managing SOC 2 Type II compliance and cloud security across systems and environments.
AWS Cloud Security Engineer strengthening cloud security posture at Fluent, Inc. Focused on implementing security controls and maintaining compliance across AWS.
Senior Advisor assisting in property management and building safety at Desjardins. Involves development projects, strategic initiatives, and stakeholder interaction in a hybrid work environment.
Senior IT security advisor helping protect IT hardware, software, and data at Desjardins. Leading initiatives, advising clients, and developing policies for strategic projects.
Business strategy analyst developing plans and business intelligence for Desjardins. Analyzing business needs and solutions for various organizational initiatives with a hybrid work setup.
Security Consultant on TELUS's Cybersecurity Platforms Operations team. Providing hands - on support for critical security services and collaborating with industry - leading vendors.
Senior Cloud Cybersecurity Engineer responsible for cloud security engineering at Tanium. Collaborate to protect cloud infrastructure against threats in Azure, AWS, and Kubernetes.
Managing Consultant in Cybersecurity and NERC Compliance at Guidehouse. Leading client management and project workstreams within the electric utility sector in Canada.
Security Guard responsible for protecting people and property in Amherst, Nova Scotia. Conducting patrols and monitoring security systems to ensure safety.